Access and information flow control to secure mobile web service compositions in resource constrained environments

The growing use of mobile web services such as electronic health records systems and applications like twitter, Facebook has increased interest in robust mechanisms for ensuring security for such information sharing services. Common security mechanisms such as access control and information flow control are either restrictive or weak in that they prevent applications from sharing data usefully, and/or allow private information leaks when used independently. Typically, when services are composed there is a resource that some or all of the services involved in the composition need to share. However, during service composition security problems arise because the resulting service is made up of different services from different security domains. A key issue that arises and that we address in this thesis is that of enforcing secure information flow control during service composition to prevent illegal access and propagation of information between the participating services. This thesis describes a model that combines access control and information flow control in one framework. We specifically consider a case study of an e-health service application, and consider how constraints like location and context dependencies impact on authentication and authorization. Furthermore, we consider how data sharing applications such as the e-health service application handle issues of unauthorized users and insecure propagation of information in resource constrained environments¹. Our framework addresses this issue of illegitimate information access and propagation by making use of the concept of program dependence graphs (PDGs). Program dependence graphs use path conditions as necessary conditions for secure information flow control. The advantage of this approach to securing information sharing is that, information is only propagated if the criteria for data sharing are verified. Our solution proposes or offers good performance, fast authentication taking into account bandwidth limitations. A security analysis shows the theoretical improvements our scheme offers. Results obtained confirm that the framework accommodates the CIA-triad (which is the confidentiality, integrity and availability model designed to guide policies of information security) of our work and can be used to motivate further research work in this field

Safer in the Clouds (Extended Abstract)

We outline the design of a framework for modelling cloud computing systems.The approach is based on a declarative programming model which takes the form of a lambda-calculus enriched with suitable mechanisms to express and enforce application-level security policies governing usages of resources available in the clouds. We will focus on the server side of cloud systems, by adopting a pro-active approach, where explicit security policies regulate server's behaviour.Comment: In Proceedings ICE 2010, arXiv:1010.530

Finding secure compositions of software services: Towards a pattern based approach

In service based systems, there is often a need to replace services at runtime as they become either unavailable or they no longer meet required quality or security properties. In such cases, it is often necessary to build compositions of services that can replace a problematic service because no single service with a sufficient match to it can be located. In this paper, we present an approach for building compositions of services that can preserve required security properties. Our approach is based on the use of secure composition patterns which are applied in connection with basic discovery mechanisms to build secure service compositions

Enforcing reputation constraints on business process workflows

The problem of trust in determining the flow of execution of business processes has been in the centre of research interst in the last decade as business processes become a de facto model of Internet-based commerce, particularly with the increasing popularity in Cloud computing. One of the main mea-sures of trust is reputation, where the quality of services as provided to their clients can be used as the main factor in calculating service and service provider reputation values. The work presented here contributes to the solving of this problem by defining a model for the calculation of service reputa-tion levels in a BPEL-based business workflow. These levels of reputation are then used to control the execution of the workflow based on service-level agreement constraints provided by the users of the workflow. The main contribution of the paper is to first present a formal meaning for BPEL processes, which is constrained by reputation requirements from the users, and then we demonstrate that these requirements can be enforced using a reference architecture with a case scenario from the domain of distributed map processing. Finally, the paper discusses the possible threats that can be launched on such an architecture

Towards a Security, Privacy, Dependability, Interoperability Framework for the Internet of Things

A popular application of ambient intelligence systems constitutes of assisting living services on smart buildings. As intelligence is imported in embedded equipment, the system becomes able to provide smart services (e.g. control lights, airconditioning, provide energy management services etc.). IoT is the main enabler of such environments. However, the interconnection of these cyber-physical systems and the processing of personal data raise serious security and privacy issues. In this paper we present a framework that can guarantee Security, Privacy, Dependability and Interoperability (SPDI) in IoT. Taking advantage of the underlying IoT deployment, the proposed framework not only implements the requested smart functionality but also provide modelling and administration that can guarantee those SPDI properties. Moreover, we provide an application example of the framework in a smart building scenario

Combining behavioural types with security analysis

Today's software systems are highly distributed and interconnected, and they increasingly rely on communication to achieve their goals; due to their societal importance, security and trustworthiness are crucial aspects for the correctness of these systems. Behavioural types, which extend data types by describing also the structured behaviour of programs, are a widely studied approach to the enforcement of correctness properties in communicating systems. This paper offers a unified overview of proposals based on behavioural types which are aimed at the analysis of security properties

Grid-enabled Workflows for Industrial Product Design

This paper presents a generic approach for developing and using Grid-based workflow technology for enabling cross-organizational engineering applications. Using industrial product design examples from the automotive and aerospace industries we highlight the main requirements and challenges addressed by our approach and describe how it can be used for enabling interoperability between heterogeneous workflow engines

Distributed Access Control for Web and Business Processes

Middleware influenced the research community in developing a number of systems for controlling access to distributed resources. Nowadays a new paradigm for the lightweight integration of business resources from different partners is starting to take hold – Web Services and Business Processes for Web Services. Security and access control policies for Web Services protocols and distributed systems are well studied and almost standardized, but there is not yet a comprehensive proposal for an access control architecture for business processes. So, it is worth looking at the available approaches to distributed authorization as a starting point for a better understanding of what they already have and what they still need to address the security challenges for business processes

Constructing secure service compositions with patterns

In service based applications, it is often necessary to construct compositions of services in order to provide required functionality in cases where this is not possible through the use of a single service. Whilst creating service compositions, it is necessary to ensure not only that the functionality required of the composition is achieved but also that certain security properties are preserved. In this paper, we describe an approach to constructing secure service compositions. Our approach is based on the use of composition patterns and rules that determine the security properties that should be preserved by the individual services that constitute a composition in order to ensure that security properties of the overall composition are also satisfied. Our approach extends a framework developed to support the runtime service discovery